From 843e5f1ab5d1d1df0eb98e825930bf9737d8c9da Mon Sep 17 00:00:00 2001 From: Alexander Bakker Date: Sun, 17 Nov 2024 10:39:33 +0100 Subject: [PATCH] Make subclasses of TotpInfo override only getOtp(long time) This fixes an issue where Steam OTP's were displayed in the wrong format. The underlying issue has been present for a while, but it first became apparent in e4c9a584f48da402291608ec1db0983dcdee2fde. --- .../beemdevelopment/aegis/crypto/otp/YAOTP.java | 4 ++-- .../com/beemdevelopment/aegis/otp/MotpInfo.java | 14 -------------- .../com/beemdevelopment/aegis/otp/SteamInfo.java | 4 ++-- .../com/beemdevelopment/aegis/otp/TotpInfo.java | 9 +-------- .../com/beemdevelopment/aegis/otp/YandexInfo.java | 4 ++-- .../aegis/crypto/otp/YAOTPTest.java | 4 ++-- 6 files changed, 9 insertions(+), 30 deletions(-) diff --git a/app/src/main/java/com/beemdevelopment/aegis/crypto/otp/YAOTP.java b/app/src/main/java/com/beemdevelopment/aegis/crypto/otp/YAOTP.java index c8f1f52f..676856c6 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/crypto/otp/YAOTP.java +++ b/app/src/main/java/com/beemdevelopment/aegis/crypto/otp/YAOTP.java @@ -25,10 +25,10 @@ public class YAOTP { public static YAOTP generateOTP(byte[] secret, String pin, int digits, String otpAlgo, long period) throws NoSuchAlgorithmException, InvalidKeyException, IOException { long seconds = System.currentTimeMillis() / 1000; - return generateOTP(secret, pin, digits, otpAlgo, seconds, period); + return generateOTP(secret, pin, digits, otpAlgo, period, seconds); } - public static YAOTP generateOTP(byte[] secret, String pin, int digits, String otpAlgo, long seconds, long period) + public static YAOTP generateOTP(byte[] secret, String pin, int digits, String otpAlgo, long period, long seconds) throws NoSuchAlgorithmException, InvalidKeyException, IOException { byte[] pinWithHash; byte[] pinBytes = pin.getBytes(StandardCharsets.UTF_8); diff --git a/app/src/main/java/com/beemdevelopment/aegis/otp/MotpInfo.java b/app/src/main/java/com/beemdevelopment/aegis/otp/MotpInfo.java index d08d912f..585d5485 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/otp/MotpInfo.java +++ b/app/src/main/java/com/beemdevelopment/aegis/otp/MotpInfo.java @@ -30,20 +30,6 @@ public class MotpInfo extends TotpInfo { setPin(pin); } - @Override - public String getOtp() { - if (_pin == null) { - throw new IllegalStateException("PIN must be set before generating an OTP"); - } - - try { - MOTP otp = MOTP.generateOTP(getSecret(), getAlgorithm(false), getDigits(), getPeriod(), getPin()); - return otp.toString(); - } catch (NoSuchAlgorithmException e) { - throw new RuntimeException(e); - } - } - @Override public String getOtp(long time) { if (_pin == null) { diff --git a/app/src/main/java/com/beemdevelopment/aegis/otp/SteamInfo.java b/app/src/main/java/com/beemdevelopment/aegis/otp/SteamInfo.java index 6d345c98..1adcd983 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/otp/SteamInfo.java +++ b/app/src/main/java/com/beemdevelopment/aegis/otp/SteamInfo.java @@ -20,11 +20,11 @@ public class SteamInfo extends TotpInfo { } @Override - public String getOtp() throws OtpInfoException { + public String getOtp(long time) throws OtpInfoException { checkSecret(); try { - OTP otp = TOTP.generateOTP(getSecret(), getAlgorithm(true), getDigits(), getPeriod()); + OTP otp = TOTP.generateOTP(getSecret(), getAlgorithm(true), getDigits(), getPeriod(), time); return otp.toSteamString(); } catch (InvalidKeyException | NoSuchAlgorithmException e) { throw new RuntimeException(e); diff --git a/app/src/main/java/com/beemdevelopment/aegis/otp/TotpInfo.java b/app/src/main/java/com/beemdevelopment/aegis/otp/TotpInfo.java index bd43698d..cba249eb 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/otp/TotpInfo.java +++ b/app/src/main/java/com/beemdevelopment/aegis/otp/TotpInfo.java @@ -27,14 +27,7 @@ public class TotpInfo extends OtpInfo { @Override public String getOtp() throws OtpInfoException { - checkSecret(); - - try { - OTP otp = TOTP.generateOTP(getSecret(), getAlgorithm(true), getDigits(), getPeriod()); - return otp.toString(); - } catch (InvalidKeyException | NoSuchAlgorithmException e) { - throw new RuntimeException(e); - } + return getOtp(System.currentTimeMillis() / 1000); } public String getOtp(long time) throws OtpInfoException { diff --git a/app/src/main/java/com/beemdevelopment/aegis/otp/YandexInfo.java b/app/src/main/java/com/beemdevelopment/aegis/otp/YandexInfo.java index b5da60de..0afdf615 100644 --- a/app/src/main/java/com/beemdevelopment/aegis/otp/YandexInfo.java +++ b/app/src/main/java/com/beemdevelopment/aegis/otp/YandexInfo.java @@ -38,13 +38,13 @@ public class YandexInfo extends TotpInfo { } @Override - public String getOtp() { + public String getOtp(long time) { if (_pin == null) { throw new IllegalStateException("PIN must be set before generating an OTP"); } try { - YAOTP otp = YAOTP.generateOTP(getSecret(), getPin(), getDigits(), getAlgorithm(true), getPeriod()); + YAOTP otp = YAOTP.generateOTP(getSecret(), getPin(), getDigits(), getAlgorithm(true), getPeriod(), time); return otp.toString(); } catch (InvalidKeyException | NoSuchAlgorithmException | IOException e) { throw new RuntimeException(e); diff --git a/app/src/test/java/com/beemdevelopment/aegis/crypto/otp/YAOTPTest.java b/app/src/test/java/com/beemdevelopment/aegis/crypto/otp/YAOTPTest.java index c215962a..785d4a71 100644 --- a/app/src/test/java/com/beemdevelopment/aegis/crypto/otp/YAOTPTest.java +++ b/app/src/test/java/com/beemdevelopment/aegis/crypto/otp/YAOTPTest.java @@ -32,8 +32,8 @@ public class YAOTPTest { testCase.pin, 8, "HmacSHA256", - testCase.timestamp, - 30 + 30, + testCase.timestamp ); assertEquals(testCase.expected, otp.toString()); }